COMHAIRLE NÁISIÚNTA NA NATIONAL COUNCIL FOR VOCATIONAL AWARDS. Consultative Draft Module Descriptor. Network Security.

Save this PDF as:
Size: px
Start display at page:

Download "COMHAIRLE NÁISIÚNTA NA NATIONAL COUNCIL FOR VOCATIONAL AWARDS. Consultative Draft Module Descriptor. Network Security."

Transcription

1 COMHAIRLE NÁISIÚNTA NA gcáilíochtaí GAIRMOIDEACHAIS NATIONAL COUNCIL FOR VOCATIONAL AWARDS Consultative Draft Module Descriptor Network Security Level 6 C30260 January 2006

2 1. Module Title Network Security 2. Module Code C Level 6 4. Credit Value 1 5. Purpose This module is a statement of the standards to be achieved to gain a FETAC credit in Systems Software. It is designed to provide a solid foundation for the student in the fundamentals of Network Security. 6. Preferred Entry Level 7. Special Requirements 8. General Aims This module aims to enable the learner to: 8.1 Understand how viruses work in order to protect a computer system against virus attack. 8.2 Understand hacking techniques in order to protect a computer system from unauthorised outside access 8.3 Understand the CIA triad elements of confidentiality, integrity and availability to protect a computer system from unauthorised internal access. 8.4 Understand communications security and be able to implement countermeasures to keep an organisations communications secure. 8.5 Develop and deploy a computer security plan within an organisation. 8.6 Understand auditing and accountability, develop and implement an auditing system for an organisations computer system.

3 9. Units The specific learning outcomes are grouped into 6 units. Unit 1 Unit 2 Unit 3 Unit 4 Unit 5 Unit 6 Antivirus management External security Internal security Communications Security Security Planning Security Auditing 10 Specific Learning Outcomes Unit 1 Antivirus Management Learners should be able to: Understand the propagation techniques used by viruses Know how antivirus software packages detect known viruses Explain the techniques viruses use to escape detection Outline the basic principles behind logic bombs, Trojan horses, and worms Understand and implement antivirus management. Unit 2 External Security Learners should be able to: Be familiar with common password attacks and understand how to develop strong passwords Be familiar with the various types of application attacks hackers use to exploit poorly written software Know the network reconnaissance techniques used by hackers preparing to attack a network Understand decoy techniques used by system administrators seeking to lure hackers into a trap Outline the use of monitoring in relation to access controls Explain the need for intrusion detection systems (IDSs), explain the limits of using host-based IDSs, list the pros and cons of network-based IDSs.

4 Explain the differences between knowledge-based and behaviour based IDS detection methods Explain the purpose of vulnerability scanners and penetration testing Outline how brute force and dictionary attacks work Know what denial of service (DoS) attacks are Explain how the SYN flood DoS attack, Smurf DoS attack, ping of death DoS, WinNuke DoS attack, stream DoS attack, teardrop DoS attacks and land DoS attacks work Understand spoofing attacks, man-in-the-middle attacks, hijack attacks replay or playback attacks, sniffer attacks and spamming attacks Understand, list and implement the countermeasures to all types of DoS attacks and to spoofing, man-in-the-middle, sniffer, and spamming attacks Understand and implement the different types of firewalls. Unit 3 Internal Security Learners should be able to: Know how to prevent unrestricted installation of software Understand backup maintenance Know how changes in workstation or location promote a secure environment Understand privileged operations functions Know the standards of due care and due diligence Understand how to maintain privacy Understand what constitutes an illegal activity Know the proper procedure for record retention Understand the elements of securing sensitive media Know and understand the security control types Know the importance of control transparency.

5 Understand how to protect resources Be able to explain change and configuration control management Understand the trusted recovery process. Unit 4 Communications Security Learners should be able to: Know the protocol services used to connect to LAN and WAN communication technologies Know what tunneling is Understand VPNs Be able to explain NAT Understand common characteristics of security controls Understand how security works Know how fax security works Understand voice communications security Explain the concept of security boundaries Understand the various attacks and implement countermeasures associated with communications security

6 Unit 5 Security Planning Learners should be able to: Appreciate the security implications of hiring new employees Explain separation of duties Outline the principle of least privilege Know why job rotation and mandatory holidays are necessary Outline proper termination policies Define key security roles and know the elements of a formalised security policy structure Define overall risk management and carry out a risk analysis Evaluate threats and understand quantitative risk analysis Explain the concept of an exposure factor (EF) Know what single loss expectancy (SLE) is and how to calculate it Understand annualised rate of occurrence (ARO) Know what annualised loss expectancy (ALE) is and how to calculate it Know the formula for safeguard evaluation Understand qualitative risk analysis Understand the Delphi technique Know the options for handling risk Be able to explain total risk, residual risk, and controls gap Know how to implement security awareness training Understand security management planning Understand that personnel management is a form of administrative control or administrative management Know what inappropriate activities are Know that errors and omissions can cause security problems.

7 Understand fraud and theft Know what collusion is Understand employee sabotage Know how loss of physical and infrastructure support can cause security problems Understand espionage. Unit 6 Security Auditing Learners should be able to: Understand auditing Know the types or forms of auditing Understand compliance checking Understand the need for frequent security audits Understand that auditing is an aspect of due care Understand audit trails Understand how accountability is maintained Know the basic elements of an audit report Understand the need to control access to audit reports Understand sampling Understand record retention Understand monitoring and the uses of monitoring tools Understand failure recognition and response Understand what penetration testing is and be able to explain the methods used Know what diving and scavenging are.

8 11 Portfolio of Please refer to the glossary of assessment techniques and the note on assessment Assessment principles at the end of this module descriptor. All assessment is carried out in accordance with FETAC regulations. Assessment is devised by the internal assessor, with external moderation by FETAC. Summary Skills Demonstration 40% Examination 60% 11.2 Skills The internal assessor will devise a brief that requires candidates to Demonstration produce evidence that demonstrates an understanding and application of a range of specific learning outcomes. In one or more skills demonstrations, candidates will be assessed in a broad range of practical skills and adherence to safe working practices throughout. Candidates will demonstrate an ability to make a system secure from both internal and external misuse Examination The internal assessor will devise three multiple choice examinations based on the six units of study. Each multiple choice examination will be based on two units and will consist of 20 questions. Each exam will be of no more than one hour in duration and will have an allocation of 20% of the total marks for the module. These multiple choice examinations will assesses candidate s ability to recall and apply theory in a range of areas. These questions may be answered either orally or in writing. 12. Grading Pass 50-64% Merit 65-79% Distinction %

9 Individual Candidate Marking Sheet 1 Network Security C30260 Examination (50%) Candidate Name: NCVA Candidate No.: Centre: Roll No.: Assessment Criteria Maximum Mark Candidate Mark Units 1 and 2 Subtotal 20 Units 3 and 4 Subtotal 20 Units 5 and 6 Subtotal 20 TOTAL MARKS This mark should be transferred to the Module Results Summary Sheet 60 Internal Assessor s Signature: Date: External Examiner s Signature: Date:

10 Individual Candidate Marking Sheet 2 Network Security C30260 Case Study 40% Candidate Name: NCVA Candidate No.: Centre: Roll No.: Assessment Criteria Maximum Mark Candidate Mark Appropriate Risk Analysis 10 Appropriate Internal Security Procedures Appropriate External Security Procedures Appropriate documentation TOTAL MARKS This mark should be transferred to the Module Results Summary sheet 40 Internal Assessor s Signature: Date: External Examiner s Signature: Date:

11 NCVA Module Results Summary Sheet Module Title: Network Security Module Code: C30260 Candidate Surname Mark Sheet Mark Sheet Assessment Marking Sheets 1 2 Maximum Marks per Marking Sheet Candidate Forename Total 100% Grade* Signed: Internal Assessor: Date: This sheet is for internal assessors to record the overall marks of individual candidates. It should be retained in the centre. The marks awarded should be transferred to the official NCVA Module Results Sheet issued to centres before the visit of the external examiner.

12 Glossary of Assessment Techniques Assignment An exercise carried out in response to a brief with specific guidelines and usually of short duration. Each assignment is based on a brief provided by the internal assessor. The brief includes specific guidelines for candidates. The assignment is carried out over a period of time specified by the internal assessor. Assignments may be specified as an oral presentation, case study, observations, or have a detailed title such as audition piece, health fitness plan or vocational area profile. Collection of Work A collection and/or selection of pieces of work produced by candidates over a period of time that demonstrates the mastery of skills. Using guidelines provided by the internal assessor, candidates compile a collection of their own work. The collection of work demonstrates evidence of a range of specific learning outcomes or skills. The evidence may be produced in a range of conditions, such as in the learning environment, in a role play exercise, or in real-life/work situations. This body of work may be self-generated rather than carried out in response to a specific assignment eg art work, engineering work etc Examination A means of assessing a candidate s ability to recall and apply skills, knowledge and understanding within a set period of time (time constrained) and under clearly specified conditions. Examinations may be: practical, assessing the mastery of specified practical skills demonstrated in a set period of time under restricted conditions oral, testing ability to speak effectively in the vernacular or other languages interview-style, assessing learning through verbal questioning, on one-to-one/group basis aural, testing listening and interpretation skills theory-based, assessing the candidate s ability to recall and apply theory, requiring responses to a range of question types, such as objective, short answer, structured, essay. These questions may be answered in different media such as in writing, orally etc.

13 Learner Record Project A self-reported record by an individual, in which he/she describes specific learning experiences, activities, responses, skills acquired. Candidates compile a personal logbook/journal/diary/daily diary/ record/laboratory notebook/sketch book. The logbook/journal/diary/daily diary/record/laboratory notebook/sketch book should cover specified aspects of the learner s experience. A substantial individual or group response to a brief with guidelines, usually carried out over a period of time. Projects may involve: research requiring individual/group investigation of a topic process eg design, performance, production of an artefact/event Projects will be based on a brief provided by the internal assessor or negotiated by the candidate with the internal assessor. The brief will include broad guidelines for the candidate. The work will be carried out over a specified period of time. Projects may be undertaken as a group or collaborative project, however the individual contribution of each candidate must be clearly identified. The project will enable the candidate to demonstrate: (some of these about 2-4) understanding and application of concepts in (specify area) use/selection of relevant research/survey techniques, sources of information, referencing, bibliography ability to analyse, evaluate, draw conclusions, make recommendations understanding of process/planning implementation and review skills/ planning and time management skills ability to implement/produce/make/construct/perform mastery of tools and techniques design/creativity/problem-solving/evaluation skills presentation/display skills team working/co-operation/participation skills. Skills Demonstration Assessment of mastery of specified practical, organisational and/or interpersonal skills. These skills are assessed at any time throughout the learning process by the internal assessor/another qualified person in the centre for whom the candidate undertakes relevant tasks. The skills may be demonstrated in a range of conditions, such as in the learning environment, in a role-play exercise, or in a reallife/work situations.

14 The candidate may submit a written report/supporting documentation as part of the assessment. Examples of skills: laboratory skills, computer skills, coaching skills, interpersonal skills. NCVA Assessment Principles 1 Assessment is regarded as an integral part of the learning process. 2 All NCVA assessment is criterion referenced. Each assessment technique has assessment criteria which detail the range of marks to be awarded for specific standards of knowledge, skills and competence demonstrated by candidates. 3 The mode of assessment is generally local i.e. the assessment techniques are devised and implemented by internal assessors in centres. 4 Assessment techniques in NCVA modules are valid in that they test a range of appropriate learning outcomes. 5 The reliability of assessment techniques is facilitated by providing support for assessors. 6 Arising from an extensive consultation process, each NCVA module describes what is considered to be an optimum approach to assessment. When the necessary procedures are in place, it will be possible for assessors to use other forms of assessment, provided they are demonstrated to be valid and reliable. 7 To enable all learners to demonstrate that they have reached the required standard, candidate evidence may be submitted in written, oral, visual, multimedia or other format as appropriate to the learning outcomes. 8 Assessment of a number of modules may be integrated, provided the separate criteria for each module are met. 9 Group or team work may form part of the assessment of a module, provided each candidate s achievement is separately assessed.

Computer Graphics. www.fetac.ie. Module Descriptor

Computer Graphics. www.fetac.ie. Module Descriptor The Further Education and Training Awards Council (FETAC) was set up as a statutory body on 11 June 2001 by the Minister for Education and Science. Under the Qualifications (Education & Training) Act,

More information

Network Administration

Network Administration The Further Education and Training Awards Council (FETAC) was set up as a statutory body on 11 June 2001 by the Minister for Education and Science. Under the Qualifications (Education & Training) Act,

More information

Child Psychology. www.fetac.ie. Module Descriptor

Child Psychology. www.fetac.ie. Module Descriptor The Further Education and Training Awards Council (FETAC) was set up as a statutory body on 11 June 2001 by the Minister for Education and Science. Under the Qualifications (Education & Training) Act,

More information

Database Methods. September 2001. Module Descriptor. www.fetac.ie

Database Methods. September 2001. Module Descriptor. www.fetac.ie The Further Education and Training Awards Council (FETAC) was set up as a statutory body on 11 June 2001 by the Minister for Education and Science. Under the Qualifications (Education & Training) Act,

More information

Workplace Negotiation Skills

Workplace Negotiation Skills The Further Education and Training Awards Council (FETAC) was set up as a statutory body on 11 June 2001 by the Minister for Education and Science. Under the Qualifications (Education & Training) Act,

More information

Start Your Own Business

Start Your Own Business The Further Education and Training Awards Council (FETAC) was set up as a statutory body on 11 June 2001 by the Minister for Education and Science. Under the Qualifications (Education & Training) Act,

More information

Web Hosting & Maintenance

Web Hosting & Maintenance The Further Education and Training Awards Council (FETAC) was set up as a statutory body on 11 June 2001 by the Minister for Education and Science. Under the Qualifications (Education & Training) Act,

More information

Drug & Alcohol Addiction

Drug & Alcohol Addiction The Further Education and Training Awards Council (FETAC) was set up as a statutory body on 11 June 2001 by the Minister for Education and Science. Under the Qualifications (Education & Training) Act,

More information

COMHAIRLE NÁISIÚNTA NA NATIONAL COUNCIL FOR VOCATIONAL AWARDS. Module Descriptor. Film Production. Level 2 E20150. September 2001. www.ncva.

COMHAIRLE NÁISIÚNTA NA NATIONAL COUNCIL FOR VOCATIONAL AWARDS. Module Descriptor. Film Production. Level 2 E20150. September 2001. www.ncva. COMHAIRLE NÁISIÚNTA NA gcáilíochtaí GAIRMOIDEACHAIS NATIONAL COUNCIL FOR VOCATIONAL AWARDS Module Descriptor Film Production Level 2 E20150 September 2001 www.ncva.ie Level 2 Module Descriptor Summary

More information

Client Server Networks

Client Server Networks The Further Education and Training Awards Council (FETAC) was set up as a statutory body on 11 June 2001 by the Minister for Education and Science. Under the Qualifications (Education & Training) Act,

More information

Criminal Law. Level 5 N22762. www.fetac.ie. Module Descriptor

Criminal Law. Level 5 N22762. www.fetac.ie. Module Descriptor The Further Education and Training Awards Council (FETAC) was set up as a statutory body on 11 June 2001 by the Minister for Education and Science. Under the Qualifications (Education & Training) Act,

More information

Operating Department Care Skills

Operating Department Care Skills The Further Education and Training Awards Council (FETAC) was set up as a statutory body on 11 June 2001 by the Minister for Education and Science. Under the Qualifications (Education & Training) Act,

More information

Reception. September 2001. Module Descriptor. www.fetac.ie

Reception. September 2001. Module Descriptor. www.fetac.ie The Further Education and Training Awards Council (FETAC) was set up as a statutory body on 11 June 2001 by the Minister for Education and Science. Under the Qualifications (Education & Training) Act,

More information

Animal Anatomy and Physiology

Animal Anatomy and Physiology The Further Education and Training Awards Council (FETAC) was set up as a statutory body on 11 June 001 by the Minister for Education and Science. Under the Qualifications (Education & Training) Act, 1999,

More information

Audio Transcription. Level 6 N33001. www.fetac.ie. Module Descriptor

Audio Transcription. Level 6 N33001. www.fetac.ie. Module Descriptor The Further Education and Training Awards Council (FETAC) was set up as a statutory body on 11 June 2001 by the Minister for Education and Science. Under the Qualifications (Education & Training) Act,

More information

Child Development. www.fetac.ie. Module Descriptor

Child Development. www.fetac.ie. Module Descriptor The Further Education and Training Awards Council (FETAC) was set up as a statutory body on 11 June 2001 by the Minister for Education and Science. Under the Qualifications (Education & Training) Act,

More information

Nutrition. September 2001. Module Descriptor. www.fetac.ie

Nutrition. September 2001. Module Descriptor. www.fetac.ie The Further Education and Training Awards Council (FETAC) was set up as a statutory body on 11 June 2001 by the Minister for Education and Science. Under the Qualifications (Education & Training) Act,

More information

Sound Engineering and Music Technology

Sound Engineering and Music Technology The Further Education and Training Awards Council (FETAC) was set up as a statutory body on 11 June 2001 by the Minister for Education and Science. Under the Qualifications (Education & Training) Act,

More information

Home-based Childcare

Home-based Childcare The Further Education and Training Awards Council (FETAC) was set up as a statutory body on 11 June 2001 by the Minister for Education and Science. Under the Qualifications (Education & Training) Act,

More information

Diploma in Information Security Control, Audit and Management (CISSP Certification)

Diploma in Information Security Control, Audit and Management (CISSP Certification) Diploma in Information Security Control, Audit and This course is designed and delivered by experienced information security professionals and is useful to information system managers, information security

More information

Sports Psychology. Level 6 N32979. www.fetac.ie. Module Descriptor

Sports Psychology. Level 6 N32979. www.fetac.ie. Module Descriptor The Further Education and Training Awards Council (FETAC) was set up as a statutory body on 11 June 2001 by the Minister for Education and Science. Under the Qualifications (Education & Training) Act,

More information

COMHAIRLE NÁISIÚNTA NA NATIONAL COUNCIL FOR VOCATIONAL AWARDS PILOT. Consultative Draft Module Descriptor. Relational Database

COMHAIRLE NÁISIÚNTA NA NATIONAL COUNCIL FOR VOCATIONAL AWARDS PILOT. Consultative Draft Module Descriptor. Relational Database COMHAIRLE NÁISIÚNTA NA gcáilíochtaí GAIRMOIDEACHAIS NATIONAL COUNCIL FOR VOCATIONAL AWARDS PILOT Consultative Draft Module Descriptor Relational Database Level 3 C30147 December 1998 1 Title Relational

More information

Event Management. www.fetac.ie. Module Descriptor

Event Management. www.fetac.ie. Module Descriptor The Further Education and Training Awards Council (FETAC) was set up as a statutory body on 11 June 2001 by the Minister for Education and Science. Under the Qualifications (Education & Training) Act,

More information

ICANWK406A Install, configure and test network security

ICANWK406A Install, configure and test network security ICANWK406A Install, configure and test network security Release: 1 ICANWK406A Install, configure and test network security Modification History Release Release 1 Comments This Unit first released with

More information

Network Security. 1 Pass the course => Pass Written exam week 11 Pass Labs

Network Security. 1 Pass the course => Pass Written exam week 11 Pass Labs Network Security Ola Lundh ola.lundh@hh.se Schedule/ time-table: landris.hh.se/ (NetwoSec) Course home-page: hh.se/english/ide/education/student/coursewebp ages/networksecurity cisco.netacad.net Packet

More information

Computer Forensics Training - Digital Forensics and Electronic Discovery (Mile2)

Computer Forensics Training - Digital Forensics and Electronic Discovery (Mile2) Computer Forensics Training - Digital Forensics and Electronic Discovery (Mile2) Course number: CFED Length: 5 days Certification Exam This course will help you prepare for the following exams: CCE --

More information

ensure prompt restart of critical applications and business activities in a timely manner following an emergency or disaster

ensure prompt restart of critical applications and business activities in a timely manner following an emergency or disaster Security Standards Symantec shall maintain administrative, technical, and physical safeguards for the Symantec Network designed to (i) protect the security and integrity of the Symantec Network, and (ii)

More information

Joint Universities Computer Centre Limited ( JUCC ) Information Security Awareness Training- Session Two

Joint Universities Computer Centre Limited ( JUCC ) Information Security Awareness Training- Session Two Joint Universities Computer Centre Limited ( JUCC ) Information Security Awareness Training- Session Two Data Handling in University Case Study- Information Security in University Agenda Case Study Background

More information

2. From a control perspective, the PRIMARY objective of classifying information assets is to:

2. From a control perspective, the PRIMARY objective of classifying information assets is to: MIS5206 Week 13 Your Name Date 1. When conducting a penetration test of an organization's internal network, which of the following approaches would BEST enable the conductor of the test to remain undetected

More information

OCR LEVEL 3 CAMBRIDGE TECHNICAL

OCR LEVEL 3 CAMBRIDGE TECHNICAL Cambridge TECHNICALS OCR LEVEL 3 CAMBRIDGE TECHNICAL CERTIFICATE/DIPLOMA IN IT NETWORKED SYSTEMS SECURITY J/601/7332 LEVEL 3 UNIT 28 GUIDED LEARNING HOURS: 60 UNIT CREDIT VALUE: 10 NETWORKED SYSTEMS SECURITY

More information

THE BUSINESS CASE FOR NETWORK SECURITY: ADVOCACY, GOVERNANCE, AND ROI

THE BUSINESS CASE FOR NETWORK SECURITY: ADVOCACY, GOVERNANCE, AND ROI THE BUSINESS CASE FOR NETWORK SECURITY: ADVOCACY, GOVERNANCE, AND ROI Introduction. I. VULNERABILITIES AND TECHNOLOGIES. 1. Hackers and Threats. Contending with Vulnerability Realizing Value in Security

More information

Systems and Principles Unit Syllabus

Systems and Principles Unit Syllabus Systems and Principles Unit Syllabus Level 3 Implementing an ICT systems security policy 7540-032 www.cityandguilds.com September 2010 Version 1.0 About City & Guilds City & Guilds is the UK s leading

More information

EC Council Certified Ethical Hacker V8

EC Council Certified Ethical Hacker V8 Course Code: ECCEH8 Vendor: Cyber Course Overview Duration: 5 RRP: 2,445 EC Council Certified Ethical Hacker V8 Overview This class will immerse the delegates into an interactive environment where they

More information

10- Assume you open your credit card bill and see several large unauthorized charges unfortunately you may have been the victim of (identity theft)

10- Assume you open your credit card bill and see several large unauthorized charges unfortunately you may have been the victim of (identity theft) 1- A (firewall) is a computer program that permits a user on the internal network to access the internet but severely restricts transmissions from the outside 2- A (system failure) is the prolonged malfunction

More information

Certified Ethical Hacker (CEH)

Certified Ethical Hacker (CEH) Certified Ethical Hacker (CEH) Course Number: CEH Length: 5 Day(s) Certification Exam This course will help you prepare for the following exams: Exam 312 50: Certified Ethical Hacker Course Overview The

More information

Denial of Service (DoS) Technical Primer

Denial of Service (DoS) Technical Primer Denial of Service (DoS) Technical Primer Chris McNab Principal Consultant, Matta Security Limited chris.mcnab@trustmatta.com Topics Covered What is Denial of Service? Categories and types of Denial of

More information

Qualification Specification. Level 4 Certificate in Cyber Security and Intrusion For Business

Qualification Specification. Level 4 Certificate in Cyber Security and Intrusion For Business Qualification Specification Level 4 Certificate in Cyber Security and Intrusion For Business ProQual 2015 Contents Page Introduction 3 Qualification profile 3 Centre requirements 4 Support for candidates

More information

When a student leaves this intensive 5 day class they will have hands on understanding and experience in Ethical Hacking.

When a student leaves this intensive 5 day class they will have hands on understanding and experience in Ethical Hacking. Ethical Hacking and Countermeasures Course Description: This class will immerse the student into an interactive environment where they will be shown how to scan, test, hack and secure their own systems.

More information

Fundamentals of Network Security - Theory and Practice-

Fundamentals of Network Security - Theory and Practice- Fundamentals of Network Security - Theory and Practice- Program: Day 1... 1 1. General Security Concepts... 1 2. Identifying Potential Risks... 1 Day 2... 2 3. Infrastructure and Connectivity... 2 4. Monitoring

More information

Network Security: Introduction

Network Security: Introduction Network Security: Introduction 1. Network security models 2. Vulnerabilities, threats and attacks 3. Basic types of attacks 4. Managing network security 1. Network security models Security Security has

More information

Achieving Truly Secure Cloud Communications. How to navigate evolving security threats

Achieving Truly Secure Cloud Communications. How to navigate evolving security threats Achieving Truly Secure Cloud Communications How to navigate evolving security threats Security is quickly becoming the primary concern of many businesses, and protecting VoIP vulnerabilities is critical.

More information

ICANWK303A Configure and administer a network operating system

ICANWK303A Configure and administer a network operating system ICANWK303A Configure and administer a network operating system Release: 1 ICANWK303A Configure and administer a network operating system Modification History Release Release 1 Comments This Unit first

More information

CS 356 Lecture 17 and 18 Intrusion Detection. Spring 2013

CS 356 Lecture 17 and 18 Intrusion Detection. Spring 2013 CS 356 Lecture 17 and 18 Intrusion Detection Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists

More information

EUCIP - IT Administrator. Module 5 IT Security. Version 2.0

EUCIP - IT Administrator. Module 5 IT Security. Version 2.0 EUCIP - IT Administrator Module 5 IT Security Version 2.0 Module 5 Goals Module 5 Module 5, IT Security, requires the candidate to be familiar with the various ways of protecting data both in a single

More information

RISK ASSESSMENT GUIDELINES

RISK ASSESSMENT GUIDELINES RISK ASSESSMENT GUIDELINES A Risk Assessment is a business tool used to gauge risks to the business and to assist in safeguarding against that risk by developing countermeasures and mitigation strategies.

More information

Introduction p. 2. Introduction to Information Security p. 1. Introduction

Introduction p. 2. Introduction to Information Security p. 1. Introduction Introduction p. xvii Introduction to Information Security p. 1 Introduction p. 2 What Is Information Security? p. 3 Critical Characteristics of Information p. 4 CNSS Security Model p. 5 Securing Components

More information

PART D NETWORK SERVICES

PART D NETWORK SERVICES CONTENTS 1 ABOUT THIS PART... 2 2 PUBLIC NETWORK... 2 Internet... 2 3 PRIVATE NETWORK... 3 Global WAN services... 3 4 SECURITY SERVICES... 3 Firewall... 4 Intrusion Prevention (Network)... 5 SSL/IPSEC

More information

Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006

Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,

More information

OCR Level 2 CAMBRIDGE TECHNICAL

OCR Level 2 CAMBRIDGE TECHNICAL Cambridge TECHNICALS OCR Level 2 CAMBRIDGE TECHNICAL CERTIFICATE/DIPLOMA IN IT IT security J/601/4057 LEVEL 2 UNIT 18 GUIDED LEARNING HOURS: 60 UNIT CREDIT VALUE: 10 IT SECURITY J/601/4057 LEVEL 2 Aim

More information

Detailed Description about course module wise:

Detailed Description about course module wise: Detailed Description about course module wise: Module 1: Basics of Networking and Major Protocols 1.1 Networks and its Types. 1.2 Network Topologies 1.3 Major Protocols and their Functions 1.4 OSI Reference

More information

TIME SCHEDULE. 1 Introduction to Computer Security & Cryptography 13

TIME SCHEDULE. 1 Introduction to Computer Security & Cryptography 13 COURSE TITLE : INFORMATION SECURITY COURSE CODE : 5136 COURSE CATEGORY : ELECTIVE PERIODS/WEEK : 4 PERIODS/SEMESTER : 52 CREDITS : 4 TIME SCHEDULE MODULE TOPICS PERIODS 1 Introduction to Computer Security

More information

Computer Security. Principles and Practice. Second Edition. Amp Kumar Bhattacharjee. Lawrie Brown. Mick Bauer. William Stailings

Computer Security. Principles and Practice. Second Edition. Amp Kumar Bhattacharjee. Lawrie Brown. Mick Bauer. William Stailings Computer Security Principles and Practice Second Edition William Stailings Lawrie Brown University ofnew South Wales, Australian Defence Force Academy With Contributions by Mick Bauer Security Editor,

More information

Joint Universities Computer Centre Limited ( JUCC ) Information Security Awareness Training- Session Two Information Security in Universities

Joint Universities Computer Centre Limited ( JUCC ) Information Security Awareness Training- Session Two Information Security in Universities Joint Universities Computer Centre Limited ( JUCC ) Information Security Awareness Training- Session Two Information Security in Universities Agenda Information Security Management in Universities Recent

More information

Graphic Design. www.fetac.ie. Module Descriptor

Graphic Design. www.fetac.ie. Module Descriptor The Further Education and Training Awards Council (FETAC) was set up as a statutory body on 11 June 2001 by the Minister for Education and Science. Under the Qualifications (Education & Training) Act,

More information

Chapter 15: Computer and Network Security

Chapter 15: Computer and Network Security Chapter 15: Computer and Network Security Complete CompTIA A+ Guide to PCs, 6e What is in a security policy Mobile device security methods and devices To perform operating system and data protection How

More information

FLORIDA STATE COLLEGE AT JACKSONVILLE COLLEGE CREDIT COURSE OUTLINE

FLORIDA STATE COLLEGE AT JACKSONVILLE COLLEGE CREDIT COURSE OUTLINE Form 2A, Page 1 FLORIDA STATE COLLEGE AT JACKSONVILLE COLLEGE CREDIT COURSE OUTLINE COURSE NUMBER: CTS 2658 COURSE TITLE: PREREQUISITE(S): COREQUISITE(S): Managing Network Security CNT 2210 with grade

More information

ICASAS505A Review and update disaster recovery and contingency plans

ICASAS505A Review and update disaster recovery and contingency plans ICASAS505A Review and update disaster recovery and contingency plans Release: 1 ICASAS505A Review and update disaster recovery and contingency plans Modification History Release Release 1 Comments This

More information

Certified Ethical Hacker Exam 312-50 Version Comparison. Version Comparison

Certified Ethical Hacker Exam 312-50 Version Comparison. Version Comparison CEHv8 vs CEHv7 CEHv7 CEHv8 19 Modules 20 Modules 90 Labs 110 Labs 1700 Slides 1770 Slides Updated information as per the latest developments with a proper flow Classroom friendly with diagrammatic representation

More information

Data Security Incident Response Plan. [Insert Organization Name]

Data Security Incident Response Plan. [Insert Organization Name] Data Security Incident Response Plan Dated: [Month] & [Year] [Insert Organization Name] 1 Introduction Purpose This data security incident response plan provides the framework to respond to a security

More information

INTRUSION DETECTION SYSTEMS and Network Security

INTRUSION DETECTION SYSTEMS and Network Security INTRUSION DETECTION SYSTEMS and Network Security Intrusion Detection System IDS A layered network security approach starts with : A well secured system which starts with: Up-to-date application and OS

More information

Networked Systems Security

Networked Systems Security Unit 32: Networked Systems Security Unit code: QCF Level 3: Credit value: 10 Guided learning hours: 60 Aim and purpose J/601/7332 BTEC National The aim of this unit is to ensure learners know about the

More information

Monitor and administer network security

Monitor and administer network security ICAS4124A Unit Descriptor Unit Sector Monitor and administer network security This unit defines the competency required to monitor and administer security functions on a network according to organisational

More information

Intruders & Intrusion Hackers Criminal groups Insiders. Detection and IDS Techniques Detection Principles Requirements Host-based Network-based

Intruders & Intrusion Hackers Criminal groups Insiders. Detection and IDS Techniques Detection Principles Requirements Host-based Network-based Lecture Outline Intruders & Intrusion Hackers Criminal groups Insiders Detection and IDS Techniques Detection Principles Requirements Host-based Network-based Honeypot Madartists Intruders significant

More information

Security + Certification (ITSY 1076) Syllabus

Security + Certification (ITSY 1076) Syllabus Security + Certification (ITSY 1076) Syllabus Course: ITSY 1076 Security+ 40 hours Course Description: This course is targeted toward an Information Technology (IT) professional who has networking and

More information

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Why Network Security? Keep the bad guys out. (1) Closed networks

More information

Printed Circuit Board Design & Fabrication

Printed Circuit Board Design & Fabrication The Further Education and Training Awards Council (FETAC) was set up as a statutory body on 11 June 2001 by the Minister for Education and Science. Under the Qualifications (Education & Training) Act,

More information

UoB Risk Assessment Methodology

UoB Risk Assessment Methodology [Type here] UoB Risk Assessment Methodology The Risk Assessment Methodology describes how information security risk will be managed, including guidance for assessing, scoring, choosing acceptance or treatment

More information

Operating Systems. www.fetac.ie. Module Descriptor

Operating Systems. www.fetac.ie. Module Descriptor The Further Education and Training Awards Council (FETAC) was set up as a statutory body on 11 June 2001 by the Minister for Education and Science. Under the Qualifications (Education & Training) Act,

More information

CompTIA Security+ (Exam SY0-410)

CompTIA Security+ (Exam SY0-410) CompTIA Security+ (Exam SY0-410) Length: Location: Language(s): Audience(s): Level: Vendor: Type: Delivery Method: 5 Days 182, Broadway, Newmarket, Auckland English, Entry Level IT Professionals Intermediate

More information

IDS 4.0 Roadshow. Module 1- IDS Technology Overview. 2003, Cisco Systems, Inc. All rights reserved. IDS Roadshow

IDS 4.0 Roadshow. Module 1- IDS Technology Overview. 2003, Cisco Systems, Inc. All rights reserved. IDS Roadshow IDS 4.0 Roadshow Module 1- IDS Technology Overview Agenda Network Security Network Security Policy Management Protocols The Security Wheel IDS Terminology IDS Technology HIDS and NIDS IDS Communication

More information

White Paper A SECURITY GUIDE TO PROTECTING IP PHONE SYSTEMS AGAINST ATTACK. A balancing act

White Paper A SECURITY GUIDE TO PROTECTING IP PHONE SYSTEMS AGAINST ATTACK. A balancing act A SECURITY GUIDE TO PROTECTING IP PHONE SYSTEMS AGAINST ATTACK With organizations rushing to adopt Voice over IP (VoIP) technology to cut costs and integrate applications designed to serve customers better,

More information

Firewall. User Manual

Firewall. User Manual Firewall User Manual 1 IX. Firewall This chapter introduces firewall general policy, access rule, and content filter settings to ensure network security. 9.1 General Policy The firewall is enabled by default.

More information

Asheville-Buncombe Technical Community College Department of Networking Technology. Course Outline

Asheville-Buncombe Technical Community College Department of Networking Technology. Course Outline Course Number: SEC 150 Course Title: Security Concepts Hours: 2 Lab Hours: 2 Credit Hours: 3 Course Description: This course provides an overview of current technologies used to provide secure transport

More information

Network Security: A Practical Approach. Jan L. Harrington

Network Security: A Practical Approach. Jan L. Harrington Network Security: A Practical Approach Jan L. Harrington ELSEVIER AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY TOKYO Morgan Kaufmann is an imprint of

More information

Network Security for SMBs Defending Your Network Dependent Business White Paper Abstract Computer networks are powerful business tools, increasing worker productivity and enabling new ways for businesses

More information

California State University, Chico. Information Security Incident Management Plan

California State University, Chico. Information Security Incident Management Plan Information Security Incident Management Plan Version 0.8 January 5, 2009 Table of Contents Introduction... 3 Scope... 3 Objectives... 3 Incident Management Procedures... 4 Roles and Responsibilities...

More information

Network and Host-based Vulnerability Assessment

Network and Host-based Vulnerability Assessment Network and Host-based Vulnerability Assessment A guide for information systems and network security professionals 6600 Peachtree-Dunwoody Road 300 Embassy Row Atlanta, GA 30348 Tel: 678.443.6000 Toll-free:

More information

Information Security By Bhupendra Ratha, Lecturer School of Library & Information Science D.A.V.V., Indore E-mail:bhu261@gmail.com Outline of Information Security Introduction Impact of information Need

More information

642 552 Securing Cisco Network Devices (SND)

642 552 Securing Cisco Network Devices (SND) 642 552 Securing Cisco Network Devices (SND) Course Number: 642 552 Length: 1 Day(s) Course Overview This course is part of the training for the Cisco Certified Security Professional, Cisco Firewall Specialist,

More information

Unit 3 Cyber security

Unit 3 Cyber security 2016 Suite Cambridge TECHNICALS LEVEL 3 IT Unit 3 Cyber security Y/507/5001 Guided learning hours: 60 Version 1 September 2015 ocr.org.uk/it LEVEL 3 UNIT 3: Cyber security Y/507/5001 Guided learning hours:

More information

CCNA Security. Chapter One Modern Network Security Threats. 2009 Cisco Learning Institute.

CCNA Security. Chapter One Modern Network Security Threats. 2009 Cisco Learning Institute. CCNA Security Chapter One Modern Network Security Threats 1 Lesson Planning This lesson should take 3-6 hours to present The lesson should include lecture, demonstrations, discussion and assessment The

More information

CYBERTRON NETWORK SOLUTIONS

CYBERTRON NETWORK SOLUTIONS CYBERTRON NETWORK SOLUTIONS CybertTron Certified Ethical Hacker (CT-CEH) CT-CEH a Certification offered by CyberTron @Copyright 2015 CyberTron Network Solutions All Rights Reserved CyberTron Certified

More information

Top tips for improved network security

Top tips for improved network security Top tips for improved network security Network security is beleaguered by malware, spam and security breaches. Some criminal, some malicious, some just annoying but all impeding the smooth running of a

More information

ACADEMIA LOCAL CISCO UCV-MARACAY CONTENIDO DE CURSO CURRICULUM CCNA. SEGURIDAD CCNA SECURITY. VERSION 1.0

ACADEMIA LOCAL CISCO UCV-MARACAY CONTENIDO DE CURSO CURRICULUM CCNA. SEGURIDAD CCNA SECURITY. VERSION 1.0 ACADEMIA LOCAL CISCO UCV-MARACAY CONTENIDO DE CURSO CURRICULUM CCNA. SEGURIDAD CCNA SECURITY. VERSION 1.0 Module 1: Vulnerabilities, Threats, and Attacks 1.1 Fundamental Principles of a Secure Network

More information

Internet Safety and Security: Strategies for Building an Internet Safety Wall

Internet Safety and Security: Strategies for Building an Internet Safety Wall Internet Safety and Security: Strategies for Building an Internet Safety Wall Sylvanus A. EHIKIOYA, PhD Director, New Media & Information Security Nigerian Communications Commission Abuja, NIGERIA Internet

More information

BUY ONLINE FROM: http://www.itgovernance.co.uk/products/497

BUY ONLINE FROM: http://www.itgovernance.co.uk/products/497 CISSP EXAM CRAM 2 1. The CISSP Certification Exam. Assessing Exam Readiness. Taking the Exam. Multiple-Choice Question Format. Exam Strategy. Question-Handling Strategies. Mastering the Inner Game. 2.

More information

Ethical Hacking and Information Security. Foundation of Information Security. Detailed Module. Duration. Lecture with Hands On Session: 90 Hours

Ethical Hacking and Information Security. Foundation of Information Security. Detailed Module. Duration. Lecture with Hands On Session: 90 Hours Ethical Hacking and Information Security Duration Detailed Module Foundation of Information Security Lecture with Hands On Session: 90 Hours Elements of Information Security Introduction As technology

More information

Ohio Supercomputer Center

Ohio Supercomputer Center Ohio Supercomputer Center Intrusion Prevention and Detection No: Effective: OSC-12 5/21/09 Issued By: Kevin Wohlever Director of Supercomputer Operations Published By: Ohio Supercomputer Center Original

More information

Penetration Testing Service. By Comsec Information Security Consulting

Penetration Testing Service. By Comsec Information Security Consulting Penetration Testing Service By Consulting February, 2007 Background The number of hacking and intrusion incidents is increasing year by year as technology rolls out. Equally, there is no hiding place your

More information

[CEH]: Ethical Hacking and Countermeasures

[CEH]: Ethical Hacking and Countermeasures [CEH]: Ethical Hacking and Countermeasures Length Audience(s) Delivery Method : 5 days : This course will significantly benefit security officers, auditors, security professionals, site administrators,

More information

Jort Kollerie SonicWALL

Jort Kollerie SonicWALL Jort Kollerie Cloud 85% of businesses said their organizations will use cloud tools moderately to extensively in the next 3 years. 68% of spend in private cloud solutions. - Bain and Dell 3 Confidential

More information

Unit title: Cyber Security Fundamentals (SCQF level 4)

Unit title: Cyber Security Fundamentals (SCQF level 4) National Unit specification General information Unit code: H9T5 44 Superclass: CC Publication date: October 2015 Source: Scottish Qualifications Authority Version: 01 Unit purpose The purpose of this Unit

More information

Fundamentals of Information Systems Security Unit 1 Information Systems Security Fundamentals

Fundamentals of Information Systems Security Unit 1 Information Systems Security Fundamentals Fundamentals of Information Systems Security Unit 1 Information Systems Security Fundamentals Learning Objective Explain the concepts of information systems security (ISS) as applied to an IT infrastructure.

More information

A Decision Maker s Guide to Securing an IT Infrastructure

A Decision Maker s Guide to Securing an IT Infrastructure A Decision Maker s Guide to Securing an IT Infrastructure A Rackspace White Paper Spring 2010 Summary With so many malicious attacks taking place now, securing an IT infrastructure is vital. The purpose

More information

Information Technology Engineers Examination. Information Security Specialist Examination. (Level 4) Syllabus

Information Technology Engineers Examination. Information Security Specialist Examination. (Level 4) Syllabus Information Technology Engineers Examination Information Security Specialist Examination (Level 4) Syllabus Details of Knowledge and Skills Required for the Information Technology Engineers Examination

More information

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus National Cyber League Certified Ethical Hacker (CEH) TM Syllabus Note to Faculty This NCL Syllabus is intended as a supplement to courses that are based on the EC- Council Certified Ethical Hacker TM (CEHv8)

More information

Logical Operations CyberSec First Responder: Threat Detection and Response (CFR) Exam CFR-110

Logical Operations CyberSec First Responder: Threat Detection and Response (CFR) Exam CFR-110 Logical Operations CyberSec First Responder: Threat Detection and Response (CFR) Exam CFR-110 Exam Information Candidate Eligibility: The CyberSec First Responder: Threat Detection and Response (CFR) exam

More information

Loophole+ with Ethical Hacking and Penetration Testing

Loophole+ with Ethical Hacking and Penetration Testing Loophole+ with Ethical Hacking and Penetration Testing Duration Lecture and Demonstration: 15 Hours Security Challenge: 01 Hours Introduction Security can't be guaranteed. As Clint Eastwood once said,

More information

DIVISION OF INFORMATION SECURITY (DIS) Information Security Policy Threat and Vulnerability Management V1.0 April 21, 2014

DIVISION OF INFORMATION SECURITY (DIS) Information Security Policy Threat and Vulnerability Management V1.0 April 21, 2014 DIVISION OF INFORMATION SECURITY (DIS) Information Security Policy Threat and Vulnerability Management V1.0 April 21, 2014 Revision History Update this table every time a new edition of the document is

More information

Veterinary Practice Management

Veterinary Practice Management The Further Education and Training Awards Council (FETAC) was set up as a statutory body on 11 June 2001 by the Minister for Education and Science. Under the Qualifications (Education & Training) Act,

More information